Cannot send WAF logs to Kinesis

1

Hi all,

I have been struggling to send my WAF ACL (AWS Managed rules) logs to Kinesis via a data firehose delivery stream.

I have a web app running on an ALB and have that set as the associated resource in the AWS WAF console.

I have also enabled logging and set Amazon Kinesis Data Firehose delivery stream as the logging destination, but I am not seeing any requests etc. in the Kinesis delivery stream; it's marked as active and the source is direct PUT.

Any help would be appreciated, thank you in advance!

  • I'm having the same issue, and I see no error logs or any indication of errors. Any luck resolving this issue?

2 Answers
0

There are a few troubleshooting steps in the documentation.

Can you check the CloudWatch / Events & Logs to see where it's breaking? That can help narrow down the issue as well.

AWS
Dan_H
answered 2 years ago
  • No errors, and no logs showing up in CloudWatch. I have the same issue and tried both from the admin account and the member account, both didn't work. Also, trying directly to send logs to CloudWatch didn't work either.

0

So, according to a recent chat with AWS support on this issue, it looks like logging must be enabled at the same time the web ACL or the security policy is being created. The order matters so the associated permissions can be created accordingly. Enabling logging after the ACL/policy is created will not send any logs.

AWS need to indicate the proper steps needed for enabling logging after the fact that ACLs were created, unless this is a bug.

Ziad
answered 2 years ago
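
The documented preconditions for a WAF logging destination can be checked offline before looking for errors elsewhere: the destination name must start with `aws-waf-logs-`, it must be in the web ACL's Region (us-east-1 for CloudFront), and a Firehose stream must use a Direct PUT source. The sketch below is an added example, not part of any post in this thread; the function names and all sample ARNs are hypothetical, and the inputs are assumed to be the JSON returned by `aws wafv2 get-logging-configuration` and `aws firehose describe-delivery-stream`.

```python
# Added example: offline pre-flight check for a WAF logging destination.
# Inputs mirror the responses of `aws wafv2 get-logging-configuration` and
# `aws firehose describe-delivery-stream`; all sample values are constructed.
PREFIX = "aws-waf-logs-"  # required name prefix for Firehose, log group and S3 destinations

def parse_arn(arn):
    parts = arn.split(":", 5)  # arn:partition:service:region:account:resource
    if len(parts) != 6 or parts[0] != "arn":
        raise ValueError(f"not an ARN: {arn!r}")
    return {"service": parts[2], "region": parts[3], "resource": parts[5]}

def destination_name(dest):
    res = dest["resource"]
    if dest["service"] == "firehose":            # deliverystream/<name>
        return res.split("/", 1)[-1]
    if res.startswith("log-group:"):             # log-group:<name>[:*]
        return res.split(":")[1]
    return res                                   # S3: the resource is the bucket name

def check_waf_logging(logging_config, stream_desc=None):
    """Return findings; an empty list means the documented preconditions hold."""
    findings = []
    acl = parse_arn(logging_config["ResourceArn"])
    for dest_arn in logging_config["LogDestinationConfigs"]:
        dest = parse_arn(dest_arn)
        name = destination_name(dest)
        if not name.startswith(PREFIX):
            findings.append(f"{name}: name does not start with {PREFIX}")
        # S3 ARNs carry no region, so only compare when one is present.
        if dest["region"] and dest["region"] != acl["region"]:
            findings.append(f"{name}: in {dest['region']}, web ACL in {acl['region']}")
    if stream_desc is not None:
        if stream_desc.get("DeliveryStreamType") != "DirectPut":
            findings.append("delivery stream source is not Direct PUT")
        if stream_desc.get("DeliveryStreamStatus") != "ACTIVE":
            findings.append("delivery stream is not ACTIVE")
    return findings

# Constructed sample: regional web ACL in eu-west-1, mis-named stream in another Region.
SAMPLE_BAD = {
    "ResourceArn": "arn:aws:wafv2:eu-west-1:123456789012:regional/webacl/example-acl/EXAMPLE-ID",
    "LogDestinationConfigs": ["arn:aws:firehose:us-east-1:123456789012:deliverystream/waf-logs"],
}

if __name__ == "__main__":
    for finding in check_waf_logging(SAMPLE_BAD, {"DeliveryStreamType": "KinesisStreamAsSource",
                                                  "DeliveryStreamStatus": "ACTIVE"}):
        print("FINDING:", finding)
```

An empty result only rules out these preconditions; it does not confirm that records are actually being delivered.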
